<!doctype html>
<title>XMLHttpRequest: send() - CORS POST basic authenticated request</title>
<link rel="author" title="Maxim Vorobjov" href="mailto:maxim.vorobjov@gmail.com">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<link rel="help" href="https://xhr.spec.whatwg.org/#the-setrequestheader()-method" data-tested-assertations="following::ol[1]/li[6]">
<link rel="help" href="https://xhr.spec.whatwg.org/#the-send()-method" data-tested-assertations="following::code[contains(@title,'http-authorization')]/..">

<div id="log"></div>

<script>
"use strict";

async_test(t => {
  var client = new XMLHttpRequest()

  client.open("POST", "http://www1.w3c-test.org/XMLHttpRequest/resources/auth7/corsenabled.py", true)

  client.setRequestHeader("Authorization", "Basic MTMwZGY5NzEtMDE1NS00NTE4LWFjMjctOTU0ZmFhMzUwNWEzOnBhc3M=")
  client.setRequestHeader("x-user", "130df971-0155-4518-ac27-954faa3505a3")
  client.setRequestHeader("x-pass", "pass")
  client.setRequestHeader("Accept", "text/plain");
  client.setRequestHeader("Content-type", "application/json; charset=utf-8");

  client.onreadystatechange = t.step_func(() => {
    if (client.readyState < 4) {
      return;
    }
    assert_equals(client.status, 200);
    t.done();
  });

  client.send("{'data':'test'}");
});
</script>
